LastPass 4.0 has been released for all platforms the password manager is available on, and existing users will notice immediately that the new version introduces a new look and feel.

According to the company, the new LastPass is more modern than before. The vault interface, browser extension menus and the web vault accessible on the company website have all been redesigned by the team.

LastPass users who prefer the old layout can switch back to it for the time being by clicking on the profile icon and using the "toggle LastPass 3.0" switch. While that is a possibility for now, it won't be a permanent option as the team plans to remove the feature over the next months.

LastPass 4.0

The company plans to push out automatic updates for all supported user types (Free, Premium and Enterprise), on all systems in the coming weeks.

In a nutshell, LastPass 4.0 is more modern. We redesigned the vault, the browser extension menus, and the web vault at LastPass.com. LastPass is faster, more intuitive, and more approachable for current and new users.

LastPass users who don't want to wait this long to get the update can visit the official download page on the company website to download the latest version manually to their devices. It seems however right now that at least some versions have not been updated yet on the download page.

The redesign is without doubt the center piece of LastPass 4.0 but it is not the only change.

The Emergency Access feature has been designed to provide friends, family members and trusted third-parties with an option to access a user's LastPass vault.

Users need to add people to a trust list first before the feature becomes available. A waiting period is set up automatically which defines the time trusted users need to wait before they can access passwords and notes.

The owner of the account may decline requests at any time during the wait period ensuring that trusted people don't access the vault without need.

LastPass has not revealed exactly how the feature works. Considering that a user's master password is required to access the data, it is unclear right now how others would gain access to a user's vault without it.

The company reveals how the feature works.

How is Emergency Access secure? When you set up Emergency Access, your vault is encrypted locally and then synced with LastPass. LastPass stores the encrypted data until it’s released after the waiting period you specify, and only the Emergency Access contact has the key to be able to decrypt and access your vault. It’s inaccessible to LastPass, and to other outside parties.

The company released an additional document highlighting how the feature works in detail. Basically, it appears as if the vault is secured using the "trusted contact's" public key but not released to the contact directly but stored by LastPass instead. The data is made available to the contact after the "wait period" is over.

The new sharing center is another improvement, if you share passwords or other data with others regularly. Instead of having to email or text passwords, you can simply share passwords with others from within LastPass.

You’ll see tabs for items that you’re sharing with others, for items that others are sharing with you, and for Shared Folders. In each tab, you can review who has access to which passwords or notes, share new items, or remove someone’s access at any time. Plus, you can check if someone’s received the password you shared with them, and remind them if they haven’t accepted it.

Now You: Are you a LastPass user? What's your take on the update?

Summary

Article Name

LastPass 4.0 is out introducing big changes

Description

LastPass 4.0 has been released. The new version of the password manager introduces a redesign, and new features such as Emergency Access.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

About Martin Brinkmann

Martin Brinkmann is a journalist from Germany who founded Ghacks Technology News Back in 2005. He is passionate about all things tech and knows the Internet and computers like the back of his hand.You can follow Martin on Facebook, Twitter or Google+

That’s a bit unfair, in the lastpass blog they explain “When you set up Emergency Access, your vault is encrypted locally and then synced with LastPass. LastPass stores the encrypted data until it’s released after the waiting period you specify, and only the Emergency Access contact has the key to be able to decrypt and access your vault. It’s inaccessible to LastPass, and to other outside parties.” https://blog.lastpass.com/2016/01/introducing-lastpass-4-0.html/

And provide further details in the FAQ https://helpdesk.lastpass.com/emergency-access/ “LastPass uses public-private key cryptography with RSA-2048 to allow users to share the key to their vault with trusted parties, without ever passing that information in an unencrypted format to LastPass. When Emergency Access is activated, each user has a pair of cryptographic keys – a public key to allow others to encrypt data for the user, and a private key that allows the user to decrypt the data that others have encrypted for them.” … and that’s only part of the details.

And if you really don’t like it (or want it) just don’t use this feature, and nothing changes from the original setup.

So I really think they have gone to a lot of trouble to explain how it works, and how secure it is.

When I tried to set the Emergency Access feature, I entered the email address of my brother, but then got the message:

“You can only share data with other LastPass members. The following users are currently not LastPass members. Would you like us to send them an email inviting them to join LastPass?”

I do not know about the rest of you, but I am NOT going to be turned into a shill for LastPass and allow it to force me to “Invite” him to get LastPass. It has nothing to do with whether or not I like LP (I do), but it’s just too much chutzpah a la Windows 10 notifications for me. Just me, I suppose.

I got the new version by uninstalling LastPass in one browser, then reinstalling it. Having seen the new version, I will be staying with the old version for as long as possible. To me, the new layout is less convenient than the old. There’s more wasted space, which means scrolling to find things that used to all be visible at once, and they’ve changed the colors around so that instead of black text on a white or light grey background, they have grey text on a lighter or darker grey background, which makes it less distinct and therefore harder to read. I could go on with things I don’t like about it, but you get the idea.

I don’t know if you’ve noticed but at this point (1/9/2016) there are 17 pages of feedback on the Lastpass forum’s v.4 announcement – and I’d estimate that 99% of it is overwhelmingly and stridently negative about the v4 update.

I have four browsers on my computer (PaleMoon, Firefox, Opera, and IE) plus LastPass on my Android tablet and phone. As far as I can tell, I have not gotten any version 4 update. And from what I’ve seen from their video and read here, I’m thankful that they haven’t found me yet. I’m not interested in having less information per page so that the page can accommodate icons and other company graphics, and I’m certainly not happy about the colors used for text being less easily read than before. I’ve been a loyal LastPass premium member for years. I hope I don’t have to reconsider that choice.

I installed LastPass 4.0 this morning and I already hate it. Why they changed a layout that was familiar to users makes no sense, and it was much easier to navigate. This new version is a frustrating PITA and I’m already looking for an alternative unless I can revert to the previous one that worked just fine. I wish these software folks would stop fixing things that aren’t broken!

Choose “Compact view” then the magnifying glass icon which will condense it even more. Fairly usable then. I agree though – they just tried to extract more eye candy out of something that already worked perfectly fine.

The way development is going now, it’s pretty much kids trying to be trendy for their presumed peers, without any focus groups or testing on actual users.

“LastPass users who prefer the old layout can switch back to it for the time being by clicking on the profile icon and using the “toggle LastPass 3.0″ switch. While that is a possibility for now, it won’t be a permanent option as the team plans to remove the feature over the next months.”

So much for “months”, as it seems they’ve already removed this feature. At least I don’t have the ability. And the new version of the website (I’m not using the plugin) is very bloated, slowing my browser to a crawl. And my vault won’t load at first, requiring me to reload the page and login again. And then after opening the page (and even after closing it), I can’t copy and text or fill in any forms, etc in any other tabs in my browser until I close/reopen the browser. I’m using K-meleon.

The usability and user interface of 4.0 is horrid in my opinion. I don’t even know where to begin. Trying to use it as an IT company, and the closest thing to being able to do that is just adding a ‘secure note’ which is a completely stripped down single field with no where to store passwords, URL’s, etc. I’d like to use it for storing things other than passwords to websites, but it absolutely sucks for that purpose. The user interface, ways and means to navigate password groups etc is just plan awful. Spend some money and hire UX consultants to make this a decent product. There is a HUGE market for a good password keeper for IT companies. I truly don’t understand how people stomach LastPass.

LP works just fine until you decide to get a new computer, a new motherboard, or a higher capacity hard drive. If you do one of those, you will instantly loose access to your password vault, and no way to recover it. If you choose to remain with LP, you will be required to delete your account and start all over again. This implies that you will have a backup of all your usernames and passwords. So what is the point of a manager if you need a backup somewhere?

What ? it doesn’t sound like you’re talking about LP actually. I don’t like the new version, but for what you’re talking about, LP is an online password manager – your vault is stored on their servers, not on your local drive.

All you need is to remember your master password to access it online – which you can do from any computer, anywhere, and then you can use it offline if you set that up, and that’s what you want to do.

But it’s not tied to any particular hardware, and not stored on your local drive as the primary store of your passwords. Did you forget your master password or something ? I’m not sure I understand the bind you’re in.

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.